// routes/user.js
import express from "express";
import {
  createUser,
  loginUser,
  refreshAccessToken,
} from "../controllers/userController.js";
import verifyToken from "../middlewares/verifyToken.js";

const router = express.Router();

router.get("/protected-data", verifyToken, (req, res) => {
  res.json({ code: 0, msg: "成功", data: "这是受保护的数据", user: req.user });
});

// 登录接口
router.post("/login", loginUser);
// 注册接口
router.post("/register", createUser);
// 刷新 token 接口
router.post("/refresh-token", refreshAccessToken);

// 菜单权限接口（返回当前用户可访问的页面路径）
router.get("/routes", async (req, res) => {
  // TODO：后续可按用户角色动态判断
  res.json({
    code: 0,
    data: [
      "/dashboard",
      "/user",
      "/activity",
      "/admin",
      "/screen",
      "/technicalDifficulties",
      "/frontendSecurity",
      "/ComplexForms",
      "/model/viewer",
      "/learnThree",
      "/Metro3D",
      "/3DProject",
    ],
  });
});

// ES Module 结尾这样写
export default router;
